products/SUSE_ALP_Standard
9
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
a7c1876b16
SUSE_ALP_Standard/patchinfo.20241204103913449963.255638743075857/_patchinfo

21 lines
1.1 KiB
Plaintext
Raw Blame History

<patchinfo incident="133">
<!-- generated from request(s) 332835 -->
<issue tracker="bnc" id="1223417">VUL-0: CVE-2024-33663: python-python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats</issue>
<issue tracker="bnc" id="1223422">VUL-0: CVE-2024-33664: python-python-jose: denial of service via decoding of a JSON Web Encryption (JWE ) token with a high compression ratio</issue>
<issue tracker="cve" id="2024-33663"/>
<issue tracker="cve" id="2024-33664"/>
<issue tracker="gh" id="mpdavis/python-jose#345"/>
<issue tracker="gh" id="mpdavis/python-jose#349"/>
<issue tracker="gh" id="mpdavis/python-jose#350"/>
<packager>dgarcia</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for python-python-jose</summary>
<description>This update for python-python-jose fixes the following issues:
- CVE-2024-33664: Fixed denial of service via decoding of a JSON Web Encryption (bsc#1223422)
- CVE-2024-33663: Fixed algorithm confusion with OpenSSH ECDSA keys (bsc#1223417)
</description>
<package>python-python-jose</package>
<seperate_build_arch/>
</patchinfo>
Reference in New Issue View Git Blame Copy Permalink